{"vulnerability": "CVE-2025-42999", "sightings": [{"uuid": "d1ca4906-fd5d-480a-bf5c-533fd976a151", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lpcasmrubt2x", "content": "", "creation_timestamp": "2025-05-16T14:35:23.303420Z"}, {"uuid": "6fee3808-783a-44cf-a9cf-084afb355575", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpcwgjambn2c", "content": "", "creation_timestamp": "2025-05-16T21:02:22.659897Z"}, {"uuid": "cc511285-e85d-477c-989f-fc508cdf532b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/cecallihelper.bsky.social/post/3lpevytnwg22y", "content": "", "creation_timestamp": "2025-05-17T16:00:05.721073Z"}, {"uuid": "6fb49e2d-bf19-4cf6-8c42-a849de902840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lpkhhfvp6k2g", "content": "", "creation_timestamp": "2025-05-19T20:55:41.846439Z"}, {"uuid": "9442cbc5-f49c-4870-857e-c9dadd251164", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://swecyb.com/users/nopatience/statuses/114852814288918725", "content": "", "creation_timestamp": "2025-07-14T17:41:14.983966Z"}, {"uuid": "9cff5540-7ba2-40e1-a7f0-4c385de6a39d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/cstromblad.com/post/3ltwwq2umwal2", "content": "", "creation_timestamp": "2025-07-14T17:45:06.932575Z"}, {"uuid": "5271a731-33f3-431e-aba8-3ef253316236", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lpimr5n6ms2k", "content": "", "creation_timestamp": "2025-05-19T03:25:17.191594Z"}, {"uuid": "addfde2c-cf7f-4c9a-a984-71163cb91efe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114497943894558300", "content": "", "creation_timestamp": "2025-05-13T01:32:54.690446Z"}, {"uuid": "729027da-fed9-4e2a-bab6-c83a1732df04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lozjabdezn24", "content": "", "creation_timestamp": "2025-05-13T03:12:14.843103Z"}, {"uuid": "830dd10e-e3a9-425a-89f4-6bafbb80d33e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lp3pb3q2j62g", "content": "", "creation_timestamp": "2025-05-14T00:05:22.400451Z"}, {"uuid": "7e3f6e66-294d-4365-bb97-699d11b60877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/earlybirdsinvest.bsky.social/post/3lp46c53wip2l", "content": "", "creation_timestamp": "2025-05-14T04:34:23.338834Z"}, {"uuid": "e226c60d-0105-41f9-a7f5-fc4797a07844", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/technijian.bsky.social/post/3lp4iwrm6gk2w", "content": "", "creation_timestamp": "2025-05-14T07:44:55.268174Z"}, {"uuid": "2d79947b-35b6-4e51-8bdf-d4d701cf2dad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp4jxcfgtgc2", "content": "", "creation_timestamp": "2025-05-14T08:03:52.953193Z"}, {"uuid": "f2f1e6ff-977f-49bb-b546-3b42988af556", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114513036917872064", "content": "", "creation_timestamp": "2025-05-15T17:31:15.755706Z"}, {"uuid": "1e2f370f-0b22-4112-bfa1-cb20ea98fe5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/ajsdecepida.bsky.social/post/3lp5zpquszc2h", "content": "", "creation_timestamp": "2025-05-14T22:17:53.294758Z"}, {"uuid": "8ee3d125-dd20-4d78-ac2b-b68c99da971b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/ajsdecepida.bsky.social/post/3lp5zpquyus2h", "content": "", "creation_timestamp": "2025-05-14T22:17:54.332702Z"}, {"uuid": "e98f23bb-154e-4c34-9991-78515a7efae7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/ajsdecepida.bsky.social/post/3lp5zpquzu22h", "content": "", "creation_timestamp": "2025-05-14T22:17:55.351258Z"}, {"uuid": "76e43f47-978c-4dcd-948b-ace966f09cf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3lp6a5byhuc26", "content": "", "creation_timestamp": "2025-05-15T00:12:52.783943Z"}, {"uuid": "e1f11a49-84bf-4465-a2b3-8c17c77afbca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-287bc985-b46a6cfdc4b904fd", "content": "", "creation_timestamp": "2025-05-15T08:33:32.097146Z"}, {"uuid": "de702112-8544-4dbf-979c-05d6bc8a2c93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lpa2xdokz625", "content": "", "creation_timestamp": "2025-05-15T17:45:18.979302Z"}, {"uuid": "8522e2d2-5d0a-45d8-b8f7-5bb3a0d09f47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/4016557", "content": "", "creation_timestamp": "2025-05-15T18:36:37.560812Z"}, {"uuid": "b991434a-f05d-401d-b3cb-fc3ff570be55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lpad65fwr222", "content": "", "creation_timestamp": "2025-05-15T20:12:19.218141Z"}, {"uuid": "ca7ee597-80c0-4944-86d9-5847443c453a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114513673608415515", "content": "", "creation_timestamp": "2025-05-15T20:13:17.786614Z"}, {"uuid": "d8e767cb-6d84-44dc-ae35-d6fb1ad21712", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpafxtwmkt2i", "content": "", "creation_timestamp": "2025-05-15T21:02:31.255980Z"}, {"uuid": "23942736-1202-4ad5-ae7a-dc417b915d58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lpagkmi5ci2b", "content": "", "creation_timestamp": "2025-05-15T21:12:57.627440Z"}, {"uuid": "04ebe93a-77dc-4118-991f-cce7bb2efe92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lwspe4cu622a", "content": "", "creation_timestamp": "2025-08-20T05:34:39.962151Z"}, {"uuid": "734957ff-945a-448b-a0c9-ef91540ebc6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-28T08:23:31.000000Z"}, {"uuid": "c34239de-7f2e-44b7-ba95-1f34826d16ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lp55wohbmk27", "content": "", "creation_timestamp": "2025-05-14T14:00:41.454522Z"}, {"uuid": "ff0d6c8d-d9f2-49f2-97f7-46ef45212aa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-29T03:12:18.000000Z"}, {"uuid": "8f8dc5d7-bcab-428a-a6b5-330f5fd253fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lwsschdhpgg2", "content": "", "creation_timestamp": "2025-08-20T06:27:30.015813Z"}, {"uuid": "c9d5badf-c7b4-4877-8404-9644f2503b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lwta2afqxv22", "content": "", "creation_timestamp": "2025-08-20T10:33:22.001902Z"}, {"uuid": "58cd524f-9dab-479a-90d7-1de3ca0e2fa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3lwtagskze22h", "content": "", "creation_timestamp": "2025-08-20T10:40:28.311066Z"}, {"uuid": "e1f29cc0-3def-4f4f-8e53-75608a5a16fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-42999", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115060715927116071", "content": "", "creation_timestamp": "2025-08-20T10:53:14.276836Z"}, {"uuid": "0a6e2ef8-718b-4ed3-ac3d-f9058fd8b87c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-42999", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lwtdbv4pebl2", "content": "", "creation_timestamp": "2025-08-20T11:34:26.219429Z"}, {"uuid": "88082e5b-bba2-48ec-bdfa-753d76dff177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://threatintel.cc/2025/08/20/exploit-for-critical-sap-netweaver.html", "content": "", "creation_timestamp": "2025-08-20T08:53:20.000000Z"}, {"uuid": "4a4ae4c6-c27e-4c17-9b2b-d38756adc139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3lwue37eh7e2b", "content": "", "creation_timestamp": "2025-08-20T21:18:09.702203Z"}, {"uuid": "861a82b6-757c-4227-ac4a-efbb4561d93c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://thehackernews.com/2025/08/public-exploit-for-chained-sap-flaws.html", "content": "", "creation_timestamp": "2025-08-19T11:00:00.000000Z"}, {"uuid": "793e3c41-a03c-4076-aa31-15fae9da9080", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lwrdcvur5223", "content": "", "creation_timestamp": "2025-08-19T16:26:36.934795Z"}, {"uuid": "d0710e01-5d31-4a73-84a3-c7061f538df7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lwrdya7ts22k", "content": "", "creation_timestamp": "2025-08-19T16:38:34.381574Z"}, {"uuid": "f533ac1c-1a5d-4c98-a4e1-e26165e34db0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/undercodenews.bsky.social/post/3lwrihho3rc2d", "content": "", "creation_timestamp": "2025-08-19T17:58:37.136619Z"}, {"uuid": "cad3db05-3f29-449b-9062-2285ec099327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/ehcgroup.bsky.social/post/3lwuebnlzx22m", "content": "", "creation_timestamp": "2025-08-20T21:21:47.784786Z"}, {"uuid": "2b44ca74-edb6-4e80-90e2-8c6c42e72177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lwumiyfrsc2i", "content": "", "creation_timestamp": "2025-08-20T23:49:01.419031Z"}, {"uuid": "54c08c89-4548-4806-ae83-b4e424474801", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lwuuoepmx525", "content": "", "creation_timestamp": "2025-08-21T02:15:11.831316Z"}, {"uuid": "8815caad-601f-4417-881f-3c066819d56a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lwvbgk2usc2c", "content": "", "creation_timestamp": "2025-08-21T06:03:27.533269Z"}, {"uuid": "84d594a9-be18-4891-ba1f-ed0ae4eb736d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16074", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-42999\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.\n\ud83d\udccf Published: 2025-05-13T00:17:43.710Z\n\ud83d\udccf Modified: 2025-05-13T01:38:43.612Z\n\ud83d\udd17 References:\n1. https://me.sap.com/notes/3604119\n2. https://url.sap/sapsecuritypatchday", "creation_timestamp": "2025-05-13T02:29:15.000000Z"}, {"uuid": "acca6023-fec1-419d-a1a4-f9cdbde9b549", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/infosecindustry.bsky.social/post/3lws5zoxyuu2l", "content": "", "creation_timestamp": "2025-08-20T00:24:36.168047Z"}, {"uuid": "13813533-04a6-499e-a81c-d82a631e0661", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/davidi99.bsky.social/post/3lwxhohaf422t", "content": "", "creation_timestamp": "2025-08-22T03:00:34.773494Z"}, {"uuid": "88dc7b98-ac0f-4d44-bf00-9a8c0f494cbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lx7jfm2k2s2e", "content": "", "creation_timestamp": "2025-08-25T07:52:47.433325Z"}, {"uuid": "862c2b70-ffe6-4fc4-8d15-21c1edc1f58b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://bsky.app/profile/sequretek.bsky.social/post/3lxk4y5huw22i", "content": "", "creation_timestamp": "2025-08-29T13:09:46.128188Z"}, {"uuid": "c151dd8e-d380-40b7-a51b-c0304d87d79a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-42999", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3caff1e7-deb6-407e-91db-d173460dd3f5", "content": "", "creation_timestamp": "2026-02-02T12:26:01.093525Z"}, {"uuid": "b3a44287-4d79-42d0-82a8-76ff965753a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "exploited", "source": "Telegram/zKFG73BYVSRhEPbGmYVYsZNGKOSqp4CxMnirk1glsZ7y4g", "content": "", "creation_timestamp": "2025-08-19T23:24:26.000000Z"}, {"uuid": "7671f3fb-5dbc-4c6e-aa9f-e87363922f10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "exploited", "source": "https://t.me/ics_cert/1155", "content": "\u0634\u0631\u06a9\u062a SAP \u0648\u0635\u0644\u0647\u200c\u0647\u0627\u06cc\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0631\u0641\u0639 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0648\u0645 \u06a9\u0647 \u062f\u0631 \u062d\u0645\u0644\u0627\u062a \u0627\u062e\u06cc\u0631 \u0628\u0647 \u0633\u0631\u0648\u0631\u0647\u0627\u06cc SAP NetWeaver \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631 \u0645\u0648\u0631\u062f \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647 \u0628\u0648\u062f\u060c \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f.\n\n\u0627\u06cc\u0646 \u0634\u0631\u06a9\u062a \u0631\u0648\u0632 \u062f\u0648\u0634\u0646\u0628\u0647 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc\u06cc \u0628\u0631\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc\u062f CVE-2025-42999 \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f\u060c \u067e\u0633 \u0627\u0632 \u0622\u0646\u06a9\u0647 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u062c\u0631\u06cc\u0627\u0646 \u062a\u062d\u0642\u06cc\u0642\u0627\u062a \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u062d\u0645\u0644\u0627\u062a \u0631\u0648\u0632 \u0635\u0641\u0631 \u06a9\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0622\u067e\u0644\u0648\u062f \u0641\u0627\u06cc\u0644 \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 \u062f\u06cc\u06af\u0631\u06cc ( CVE-2025-31324 ) \u0631\u0627 \u062f\u0631 SAP NetWeaver Visual Composer \u06a9\u0647 \u062f\u0631 \u0645\u0627\u0647 \u0622\u0648\u0631\u06cc\u0644 \u0648\u0635\u0644\u0647 \u0634\u062f\u0647 \u0628\u0648\u062f\u060c \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u062f\u0627\u062f\u0646\u062f\u060c \u06a9\u0634\u0641 \u0634\u062f.\n\nReliaQuest \u0627\u0648\u0644\u06cc\u0646 \u0628\u0627\u0631 \u062f\u0631 \u0645\u0627\u0647 \u0622\u0648\u0631\u06cc\u0644 \u062d\u0645\u0644\u0627\u062a\u06cc \u0631\u0627 \u06a9\u0634\u0641 \u06a9\u0631\u062f \u06a9\u0647 CVE-2025-31324 \u0631\u0627 \u0647\u062f\u0641 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u062f\u0627\u062f\u0646\u062f.\n\n\u0633\u067e\u0633 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u067e\u0633 \u0627\u0632 \u0647\u06a9 \u06a9\u0631\u062f\u0646 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u060c JSP web wrappers \u0631\u0627 \u062f\u0631 \u062f\u0627\u06cc\u0631\u06a9\u062a\u0648\u0631\u06cc\u200c\u0647\u0627\u06cc \u0642\u0627\u0628\u0644 \u062f\u0633\u062a\u0631\u0633 \u0639\u0645\u0648\u0645 \u0622\u067e\u0644\u0648\u062f \u06a9\u0631\u062f\u0646\u062f \u0648 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631 \u062a\u06cc\u0645 \u0642\u0631\u0645\u0632 Brute Ratel \u0646\u06cc\u0632 \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0646\u062f.\n\n\u0639\u0644\u0627\u0648\u0647 \u0628\u0631 \u0627\u06cc\u0646\u060c \u062a\u0645\u0627\u0645 \u0646\u0645\u0648\u0646\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0628\u0647\u200c\u0637\u0648\u0631 \u06a9\u0627\u0645\u0644 \u0648\u0635\u0644\u0647 \u0634\u062f\u0646\u062f \u06a9\u0647 \u0646\u0634\u0627\u0646 \u0645\u06cc\u200c\u062f\u0647\u062f \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u0632 \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0631\u0648\u0632 \u0635\u0641\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0631\u062f\u0647\u200c\u0627\u0646\u062f.\n\n\u0627\u0647\u062f\u0627\u0641 \u0627\u06cc\u0646 \u06a9\u0645\u067e\u06cc\u0646 \u0634\u0627\u0645\u0644 \u0634\u0631\u06a9\u062a\u200c\u0647\u0627\u06cc \u06af\u0627\u0632 \u0648 \u0622\u0628\u060c \u0634\u0631\u06a9\u062a\u200c\u0647\u0627\u06cc \u0645\u062f\u06cc\u0631\u06cc\u062a \u067e\u0633\u0645\u0627\u0646\u062f \u062f\u0631 \u0628\u0631\u06cc\u062a\u0627\u0646\u06cc\u0627\u060c \u062a\u0648\u0644\u06cc\u062f\u06a9\u0646\u0646\u062f\u06af\u0627\u0646 \u062a\u062c\u0647\u06cc\u0632\u0627\u062a \u067e\u0632\u0634\u06a9\u06cc\u060c \u0634\u0631\u06a9\u062a\u200c\u0647\u0627\u06cc \u0627\u0646\u0631\u0698\u06cc \u0622\u0645\u0631\u06cc\u06a9\u0627\u06cc\u06cc \u0648 \u0633\u0627\u0632\u0645\u0627\u0646\u200c\u0647\u0627\u06cc \u062f\u0648\u0644\u062a\u06cc \u062f\u0631 \u0628\u062e\u0634 \u0645\u0627\u0644\u06cc \u062f\u0631 \u0639\u0631\u0628\u0633\u062a\u0627\u0646 \u0633\u0639\u0648\u062f\u06cc \u0628\u0648\u062f.\n\n\u0646\u062a\u0627\u06cc\u062c \u0628\u0631 \u0627\u0633\u0627\u0633 \u06cc\u06a9 \u062f\u0627\u06cc\u0631\u06a9\u062a\u0648\u0631\u06cc \u0642\u0627\u0628\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0639\u0645\u0648\u0645\u06cc \u0627\u0633\u062a \u06a9\u0647 \u062f\u0631 \u0632\u06cc\u0631\u0633\u0627\u062e\u062a \u062a\u062d\u062a \u06a9\u0646\u062a\u0631\u0644 \u0645\u0647\u0627\u062c\u0645 \u06cc\u0627\u0641\u062a \u0634\u062f\u0647 \u0627\u0633\u062a (\"15.204.56[.]106\") \u06a9\u0647 \u0634\u0627\u0645\u0644 \u06af\u0632\u0627\u0631\u0634\u200c\u0647\u0627\u06cc \u0631\u0648\u06cc\u062f\u0627\u062f \u062b\u0628\u062a \u0641\u0639\u0627\u0644\u06cc\u062a \u062f\u0631 \u0686\u0646\u062f\u06cc\u0646 \u0633\u06cc\u0633\u062a\u0645 \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0627\u0633\u062a:\n\n- CVE-2025-31324-results.txt\u060c \u06a9\u0647 \u06f5\u06f8\u06f1 \u0646\u0645\u0648\u0646\u0647 SAP NetWeaver \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0648 \u06cc\u06a9 \u062f\u0631\u0628 \u067e\u0634\u062a\u06cc \u067e\u0648\u0633\u062a\u0647 \u0648\u0628 \u0631\u0627 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u06a9\u0631\u062f.\n- SAP NetWeaver_20250427_212229.txt \u06a9\u0647 \u0641\u0647\u0631\u0633\u062a\u06cc \u0627\u0632 \u06f8\u06f0\u06f0 \u062f\u0627\u0645\u0646\u0647\u200c\u06cc \u062f\u0627\u0631\u0627\u06cc SAP NetWeaver \u0631\u0627 \u06a9\u0647 \u0627\u062d\u062a\u0645\u0627\u0644\u0627\u064b \u062f\u0631 \u0622\u06cc\u0646\u062f\u0647 \u0645\u0648\u0631\u062f \u062d\u0645\u0644\u0647 \u0642\u0631\u0627\u0631 \u062e\u0648\u0627\u0647\u0646\u062f \u06af\u0631\u0641\u062a\u060c \u0627\u0631\u0627\u0626\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f.\n\n\u0627\u06cc\u0646 \u062d\u0645\u0644\u0627\u062a \u0642\u0628\u0644\u0627\u064b \u062a\u0648\u0633\u0637 \u0645\u062d\u0642\u0642\u0627\u0646 watchTowr \u0648 Onapsis \u0646\u06cc\u0632 \u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f\u0647 \u0628\u0648\u062f\u0646\u062f \u060c \u0648 \u0622\u0632\u0645\u0627\u06cc\u0634\u06af\u0627\u0647\u200c\u0647\u0627\u06cc Vedere \u0627\u0632 Forescout \u0628\u0631\u062e\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u062d\u0645\u0644\u0627\u062a \u0631\u0627 \u0628\u0647 \u0639\u0627\u0645\u0644 \u062a\u0647\u062f\u06cc\u062f \u0686\u06cc\u0646\u06cc Chaya_004 \u0645\u0631\u062a\u0628\u0637 \u062f\u0627\u0646\u0633\u062a\u0646\u062f \u06a9\u0647 SuperShell \u0645\u0628\u062a\u0646\u06cc \u0628\u0631 Go \u0631\u0627 \u0645\u0633\u062a\u0642\u0631 \u06a9\u0631\u062f\u0647 \u0628\u0648\u062f .\n\n\u0634\u0631\u06a9\u062a EclecticIQ \u0627\u06cc\u0646 \u0646\u0641\u0648\u0630\u0647\u0627 \u0631\u0627 \u0628\u0647 \u062e\u0648\u0634\u0647\u200c\u0647\u0627\u06cc \u062a\u0647\u062f\u06cc\u062f \u0686\u06cc\u0646\u06cc \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc UNC5221\u060c UNC5174 \u0648 CL-STA-0048 \u0645\u0631\u062a\u0628\u0637 \u0645\u06cc\u200c\u062f\u0627\u0646\u062f.\n\n\u0627\u0648\u0646\u06cc\u0641\u0647 \u0647\u0645\u0686\u0646\u06cc\u0646 \u062f\u0631\u06cc\u0627\u0641\u062a \u06a9\u0647 \u062a\u0627 \u0627\u0648\u0627\u062e\u0631 \u0622\u0648\u0631\u06cc\u0644\u060c \u062a\u0642\u0631\u06cc\u0628\u0627\u064b 20 \u0634\u0631\u06a9\u062a \u0627\u0632 \u0641\u0647\u0631\u0633\u062a \u0641\u0648\u0631\u0686\u0648\u0646 500/\u06af\u0644\u0648\u0628\u0627\u0644 500 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0628\u0648\u062f\u0647\u200c\u0627\u0646\u062f \u0648 \u0628\u0633\u06cc\u0627\u0631\u06cc \u0627\u0632 \u0622\u0646\u0647\u0627 \u062d\u062a\u06cc \u062f\u0631 \u0645\u0639\u0631\u0636 \u062e\u0637\u0631 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647\u200c\u0627\u0646\u062f.\n\n\u062f\u0631 \u0645\u062c\u0645\u0648\u0639\u060c \u062f\u0631 \u0622\u0646 \u0632\u0645\u0627\u0646 \u06f1\u06f2\u06f8\u06f4 \u0645\u0648\u0631\u062f \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0634\u0628\u06a9\u0647 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0628\u0648\u062f \u06a9\u0647 \u06f4\u06f7\u06f4 \u0645\u0648\u0631\u062f \u0627\u0632 \u0622\u0646\u0647\u0627 \u0642\u0628\u0644\u0627\u064b \u0645\u0648\u0631\u062f \u0646\u0641\u0648\u0630 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647 \u0628\u0648\u062f\u0646\u062f.\n\n\u0628\u0646\u06cc\u0627\u062f Shadowserver \u062f\u0631 \u062d\u0627\u0644 \u062d\u0627\u0636\u0631 \u0628\u06cc\u0634 \u0627\u0632 \u06f2\u06f0\u06f4\u06f0 \u0633\u0631\u0648\u0631 SAP Netweaver \u06a9\u0647 \u062f\u0631 \u0627\u06cc\u0646\u062a\u0631\u0646\u062a \u0645\u06cc\u0632\u0628\u0627\u0646\u06cc \u0645\u06cc\u200c\u0634\u0648\u0646\u062f \u0648 \u062f\u0631 \u0628\u0631\u0627\u0628\u0631 \u062d\u0645\u0644\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0647\u0633\u062a\u0646\u062f \u0631\u0627 \u0631\u0635\u062f \u0645\u06cc\u200c\u06a9\u0646\u062f .\n\n\u0627\u06af\u0631\u0686\u0647 SAP \u0647\u0646\u0648\u0632 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc CVE-2025-42999 \u0631\u0627 \u062f\u0631 \u0633\u0637\u062d \u0627\u06cc\u0646\u062a\u0631\u0646\u062a \u062a\u0623\u06cc\u06cc\u062f \u0646\u06a9\u0631\u062f\u0647 \u0627\u0633\u062a\u060c \u0627\u0645\u0627 \u0645\u062d\u0642\u0642\u0627\u0646 Onapsis \u0627\u0632 \u0645\u0627\u0647 \u0698\u0627\u0646\u0648\u06cc\u0647 \u0634\u0627\u0647\u062f \u062a\u0631\u06a9\u06cc\u0628 \u0647\u0631 \u062f\u0648 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc (CVE-2025-31324 \u0648 CVE-2025-42999) \u062a\u0648\u0633\u0637 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0628\u0648\u062f\u0647\u200c\u0627\u0646\u062f.\n\n\u0627\u06cc\u0646 \u062a\u0631\u06a9\u06cc\u0628 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0627\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0648 \u0628\u062f\u0648\u0646 \u0647\u06cc\u0686 \u06af\u0648\u0646\u0647 \u0627\u0645\u062a\u06cc\u0627\u0632\u06cc \u0631\u0648\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0627\u062c\u0631\u0627 \u06a9\u0646\u0646\u062f.\n\n\u0628\u0647 \u0645\u062f\u06cc\u0631\u0627\u0646 SAP \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f \u06a9\u0647 \u0641\u0648\u0631\u0627\u064b \u0646\u0645\u0648\u0646\u0647\u200c\u0647\u0627\u06cc NetWeaver \u062e\u0648\u062f \u0631\u0627 \u0628\u0647\u0622\u062e\u0631\u06cc\u0646 \u0646\u0633\u062e\u0647 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u0646\u062f \u0648 \u063a\u06cc\u0631\u0641\u0639\u0627\u0644 \u06a9\u0631\u062f\u0646 \u0633\u0631\u0648\u06cc\u0633 Visual Composer \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0633\u0631\u0648\u06cc\u0633\u200c\u0647\u0627\u06cc \u062f\u0627\u0646\u0644\u0648\u062f \u0641\u0631\u0627\u062f\u0627\u062f\u0647 \u0648 \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u0641\u0639\u0627\u0644\u06cc\u062a\u200c\u0647\u0627\u06cc \u0645\u0634\u06a9\u0648\u06a9 \u0631\u0627 \u062f\u0631 \u0646\u0638\u0631 \u0628\u06af\u06cc\u0631\u0646\u062f.\nhttps://support.sap.com/en/my-support/knowledge-base/security-notes-news/may-2025.html\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR", "creation_timestamp": "2025-05-15T18:40:53.000000Z"}, {"uuid": "fcdbed01-5547-424c-b01d-26b26c1a8b13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://t.me/kasperskyb2b/1734", "content": "\ud83d\udc40 \u0417\u0430 \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u043d\u0435 \u0443\u043f\u0440\u0430\u0432\u0438\u043c\u0441\u044f. \u041e\u0431\u044a\u044f\u0432\u043b\u044f\u0435\u043c Patch Week!\n\n\u0422\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u044b\u043c  \u043f\u0430\u0442\u0447\u0438\u043d\u0433\u043e\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Microsoft \u043f\u043e\u0441\u043b\u0435 \u0432\u0442\u043e\u0440\u043e\u0433\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430 \u043c\u0435\u0441\u044f\u0446\u0430 \u043d\u0430\u043c \u043d\u0435 \u043e\u0431\u043e\u0439\u0442\u0438\u0441\u044c \u2014 \u0437\u0430\u043a\u0440\u044b\u0442\u044c \u0437\u0438\u0440\u043e\u0434\u0435\u0438 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u043f\u043e\u0441\u043f\u0435\u0448\u0438\u043b\u0438 \u043c\u043d\u043e\u0433\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0438 \u041f\u041e \u0434\u043b\u044f \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Microsoft, Fortinet, SAP, Adobe, \u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u043e Ivanti. \n\n\ud83d\udcbb \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0432\u044b\u043a\u0430\u0442\u0438\u043b 72 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f (\u0435\u0441\u043b\u0438 \u043d\u0435 \u0441\u0447\u0438\u0442\u0430\u0442\u044c Azure \u0438 Chromium), \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0432 5 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0437\u0438\u0440\u043e\u0434\u0435\u0435\u0432 \u0438 2 \u0431\u0430\u0433\u0430, \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0451\u043d\u043d\u044b\u0445 \u0434\u043e \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 Microsoft.  \n\n\u0418\u0437 72 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432, 6 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 (\u0432 \u0442.\u0447. RCE \u0432 Office \u0438 Remote desktop client), \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u2014 \u0432\u0430\u0436\u043d\u044b\u043c\u0438. \u0412\u0441\u0435\u0433\u043e 28 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a RCE, 17 \u2014 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 15 \u2014 \u043a \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0435\u043d\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 7 \u2014 \u043a DoS, 2 \u2014 \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0437\u0438\u0440\u043e\u0434\u0435\u0438:\nCVE-2025-30397 (CVSS3 7.5) \u2014 RCE \u0432 Scripting Engine \u0438\u0437-\u0437\u0430 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438, \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0438\u0437 \u0440\u0435\u0436\u0438\u043c\u0430 Internet Explorer  \u0432 Edge. \u0423\u043c\u0435\u0440, \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0435, \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u043b\u0438, \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0435. \u0416\u0435\u0440\u0442\u0432\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u043a\u043b\u0438\u043a\u043d\u0443\u0442\u044c \u043d\u0430 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0441\u044b\u043b\u043a\u0443 \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435.\n\nCVE-2025-32701 \u0438 -32706 (7.8) \u2014 \u043f\u0430\u0440\u0430 EoP \u0447\u0435\u0440\u0435\u0437 \u0440\u0435\u0448\u0435\u0442\u043e \u0434\u0440\u0430\u0439\u0432\u0435\u0440 CLFS. \u041f\u0440\u043e\u0448\u043b\u044b\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0442\u0430\u043a\u043e\u0433\u043e \u0440\u043e\u0434\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0431\u0430\u043d\u0434\u0430\u043c\u0438 ransomware.\n\nCVE-2025-32709 (7.8) \u2014 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 Windows Ancillary Function Driver for Winsock, \u043f\u043e\u0445\u043e\u0436\u0438\u0439 \u0434\u0435\u0444\u0435\u043a\u0442 \u043c\u044b \u0443\u0436\u0435 \u0432\u0438\u0434\u0435\u043b\u0438 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435.\n\nCVE-2025-30400 (7.8) \u2014 \u0442\u043e\u0436\u0435 EoP, \u043d\u043e \u0447\u0435\u0440\u0435\u0437 DWM Core Library.\n\n\u041e \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u0438\u0445 \u0431\u0430\u0433\u043e\u0432 Microsoft \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442.\n\n\u0421\u0440\u0435\u0434\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u0431\u0440\u0430\u0442\u0438\u043c \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u043f\u0430\u0440\u0443 RCE \u0432 RDP Client (CVE-2025-29966 \u0438 -29967) \u0438 \u043f\u0430\u0440\u0443 RCE \u0432 Office (CVE-2025-30377 \u0438 -30386). \u0425\u043e\u0442\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0435\u0442 \u0448\u0430\u043d\u0441\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u0432\u044b\u0441\u043e\u043a\u043e, \u0445\u043e\u0440\u043e\u0448\u043e \u0437\u043d\u0430\u043a\u043e\u043c\u044b\u0435 \u0438\u0437 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0438 \u0432\u0435\u043a\u0442\u043e\u0440\u044b \u0430\u0442\u0430\u043a (\u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442, \u0441\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0438\u0439 \u0434\u0430\u0436\u0435 \u0438\u0437 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430, \u0438 \u0442.\u043f.) \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043f\u043e\u0442\u043e\u0440\u043e\u043f\u0438\u0442\u044c\u0441\u044f \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438.\n\n\ud83d\udd0e Fortinet \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0437\u0438\u0440\u043e\u0434\u0435\u0439 CVE-2025-32756 \u0441\u043e \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u043c CVSS 9.6. \u041a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u043b\u043e \u043a RCE, \u0438 \u0445\u043e\u0442\u044f \u0440\u0435\u0430\u043b\u044c\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0431\u044b\u043b\u0430 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u0430 \u0432 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u044d\u043a\u0437\u043e\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u043c FortiVoice, \u0440\u043e\u0432\u043d\u043e \u0442\u043e\u0442 \u0436\u0435 \u0434\u0435\u0444\u0435\u043a\u0442 \u0435\u0441\u0442\u044c \u0432  FortiMail, FortiNDR, FortiRecorder \u0438 FortiCamera, \u0447\u0442\u043e \u0443\u0436\u0435 \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0435\u0435. \n\u0412 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u044b \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0430\u0442\u0447\u0438, \u043d\u043e \u0438 IoC \u0438\u0437 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432. \u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u043c\u044f\u0433\u0447\u0430\u044e\u0449\u0435\u0439 \u043c\u0435\u0440\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0432\u0435\u0431-\u043a\u043e\u043d\u0441\u043e\u043b\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\ud83c\udd70\ufe0f Adobe \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 13 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 40 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f ColdFusion. Lightroom, InDesign, Photoshop. \u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0440\u043e\u0447\u043d\u044b\u043c\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f 8 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 ColdFusion, 6 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u043c\u0435\u044e\u0442 CVSS 9.1 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0430 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 (\u043f\u043e\u043a\u0430) \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e.\n\n\u2699\ufe0f SAP \u0442\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0440\u043d\u044b\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0439 \u0432\u0442\u043e\u0440\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 NetWeaver, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u043e\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445. CVE-2025-42999 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u043e\u0434\u043d\u043e\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u0441 \u0440\u0430\u043d\u0435\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u043e\u0439 CVE-2025-31324.\n\n\ud83d\udcac Ivanti \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0434\u0432\u0430 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u0430 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 EPMM (CVE-2025-4427 \u0438 -4428), \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0445 \u043a RCE \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u0414\u0440\u0443\u0433\u0438\u043c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u043c \u0437\u0430\u043a\u0440\u044b\u0442\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-22462 \u0432 Ivanti Neurons for ITSM (on-prem)  \u0441 CVSS 9.8, \u043a\u043e\u0442\u043e\u0440\u0430\u044f (\u043f\u043e\u043a\u0430) \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f.\n\n\u0423\u0434\u0430\u0447\u043d\u043e\u0433\u043e \u0432\u0441\u0435\u043c \u043f\u0430\u0442\u0447\u0438\u043d\u0433\u0430!\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u043f\u0430\u0442\u0447\u0438 @\u041f2\u0422", "creation_timestamp": "2025-05-14T08:36:25.000000Z"}, {"uuid": "e8e21e42-19ba-42fc-a632-8f0cf52ec27c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "exploited", "source": "https://t.me/true_secator/7029", "content": "SAP \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u044b SAP NetWeaver \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 0-day.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043d\u043e\u0432\u043e\u0439 CVE-2025-42999 \u0432 \u043f\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u0438\u043a, \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043e\u043d\u0430 \u0432\u0441\u043a\u0440\u044b\u043b\u0430\u0441\u044c \u0432 \u0445\u043e\u0434\u0435 \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f 0-day \u0430\u0442\u0430\u043a, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0434\u0440\u0443\u0433\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 (CVE-2025-31324) \u0432 SAP NetWeaver Visual Composer, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435.\n\nReliaQuest \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0430\u0442\u0430\u043a\u0438, \u043e\u0440\u0438\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 CVE-2025-31324 \u0435\u0449\u0435 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435.\n\n\u0422\u043e\u0433\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0438 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438 JSP \u0432 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438 \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 Brute Ratel red team \u043f\u043e\u0441\u043b\u0435 \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0438\u0441\u0442\u0435\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0432\u0441\u0435 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u0431\u044b\u043b\u0438 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 0-day \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442.\n\n\u0426\u0435\u043b\u044f\u043c\u0438 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0441\u0442\u0430\u043b\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f \u0433\u0430\u0437\u0430 \u0438 \u0432\u043e\u0434\u043e\u0441\u043d\u0430\u0431\u0436\u0435\u043d\u0438\u044f, \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0442\u0445\u043e\u0434\u0430\u043c\u0438 \u0432 \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u0438, \u0437\u0430\u0432\u043e\u0434\u044b \u043f\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0443 \u043c\u0435\u0434\u0442\u0435\u0445\u043d\u0438\u043a\u0438, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0432 \u0441\u0444\u0435\u0440\u0435 \u0422\u042d\u041a \u0421\u0428\u0410, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u0432 \u0421\u0430\u0443\u0434\u043e\u0432\u0441\u043a\u043e\u0439 \u0410\u0440\u0430\u0432\u0438\u0438 \u0432 \u0441\u0444\u0435\u0440\u0435 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432.\n\n\u0420\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u044b \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u043d\u0430 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u043c \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u043c \u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 (\u00ab15.204.56[.]106\u00bb), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u0441\u043e\u0431\u044b\u0442\u0438\u0439, \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445:\n\n- CVE-2025-31324-results.txt, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u043e 581 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 SAP NetWeaver \u0438 \u0431\u044d\u043a\u0434\u043e\u0440 \u0441 \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u043a\u043e\u0439;\n- \u670d\u52a1\u6570\u636e_20250427_212229.txt, \u0432 \u043d\u0435\u043c \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043e 800 \u0434\u043e\u043c\u0435\u043d\u043e\u0432, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c SAP NetWeaver, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0431\u0443\u0434\u0443\u0442 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043d\u044b \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c.\n\n\u0420\u0430\u043d\u0435\u0435 \u0430\u0442\u0430\u043a\u0438 \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 watchTowr \u0438 Onapsis, \u0430 Vedere Labs \u0438\u0437 Forescout \u0441\u0432\u044f\u0437\u0430\u043b\u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0430\u0442\u0430\u043a\u00a0\u0441 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c Chaya_004, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043b SuperShell \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Go.\n\nEclecticIQ \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0435\u0442 \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u044f \u0441 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u043c\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430\u043c\u0438 \u0443\u0433\u0440\u043e\u0437, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u043c\u0438 \u043a\u0430\u043a\u00a0UNC5221, UNC5174 \u0438 CL-STA-0048.\n\n\u0412 Onyphe \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u043f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043d\u0430 \u043a\u043e\u043d\u0435\u0446 \u0430\u043f\u0440\u0435\u043b\u044f \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 20 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 500/Global 500 \u0431\u044b\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b, \u0430 \u043c\u043d\u043e\u0433\u0438\u0435 \u0434\u0430\u0436\u0435  \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b.\n\n\u0412 \u043e\u0431\u0449\u0435\u043c \u043d\u0430 \u0442\u043e\u0442 \u043c\u043e\u043c\u0435\u043d\u0442 \u0432 \u0441\u0435\u0442\u0438 \u0431\u044b\u043b\u043e \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043e 1284 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430, 474 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0436\u0435 \u0431\u044b\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b.\n\n\u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f Shadowserver Foundation \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 2040 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 SAP Netweaver, \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043d\u044b\u0445 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0434\u043b\u044f \u0430\u0442\u0430\u043a.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e SAP \u043d\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e CVE-2025-42999 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Onapsis \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u044f\u043b\u0438 \u043e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2025-31324 \u0438 CVE-2025-42999) \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0435\u0449\u0435 \u0441 \u044f\u043d\u0432\u0430\u0440\u044f.\n\n\u042d\u0442\u0430 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0438 \u0431\u0435\u0437 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u0410\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c SAP \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b NetWeaver \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0441\u043b\u0443\u0436\u0431\u044b Visual Composer, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u043b\u0443\u0436\u0431\u0430\u043c \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043c\u0435\u0442\u0430\u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c.", "creation_timestamp": "2025-05-14T12:30:05.000000Z"}, {"uuid": "be422a9e-5755-4d00-8481-4286593cbe54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "seen", "source": "https://t.me/cvedetector/25153", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-42999 - SAP NetWeaver Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2025-42999 \nPublished : May 13, 2025, 1:15 a.m. | 1\u00a0hour, 25\u00a0minutes ago \nDescription : SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.Note: Customers who have implemented the security note 3594142 should also implement this security note 3604119. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T05:30:27.000000Z"}, {"uuid": "40911515-3d51-47ed-b5de-3c397b17949a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-42999", "type": "exploited", "source": "https://t.me/thehackernews/6829", "content": "\ud83d\udea8 URGENT UPDATE: Another SAP flaw under active exploitation!\n\nCVE-2025-42999 (CVSS 9.1) is now confirmed actively exploited \u2014 allows attackers to execute commands via insecure deserialization in NetWeaver.\n\n\ud83d\udee0 Patch now: SAP Note 3604119\n\nRead: https://thehackernews.com/2025/05/china-linked-apts-exploit-sap-cve-2025.html", "creation_timestamp": "2025-05-14T10:25:30.000000Z"}]}